Privacy and User Trust in Context-Aware

Presentation on theme: "Privacy and User Trust in Context-Aware"— Presentation transcript:

Slide1

Privacy and User Trust in Context-Aware Systems

Saskia Koldijk1,2, Gijs Koot2, Mark Neerincx1,3, Wessel Kraaij1,2

www.swell-project.net

Slide2

Recent trends

Big data, advances in sensing, smartphones, ubiquitous user modeling…

Context Aware Systems

Opportunity: Better personalized and contextualized services

Threat: Privacy. Losing control over personal (context) data

Definition CAS: “use of environmental elements by applications to personalize their service for the user” [1].

Definition Privacy: “boundary control process in which individuals regulate when, how, and to what extent information about them is communicated to others” [2].

Slide3

Outline of this talk

Introduction context aware SWELL system

Privacy Impact Assessment

How to apply Privacy by Design

User study:

Effects of Privacy by Design, on

Trust

Attitude towards using the system

Results

How to build a privacy-friendly CAS?

Slide4

Outline of this talk

Introduction context aware SWELL system

Privacy Impact Assessment

How to apply Privacy by Design

User study:

Effects of Privacy by Design, on

Trust

Attitude towards using the system

Results

How to build a privacy-friendly CAS?

Slide5

Problem to address:

Knowledge workers often experience stress building up, which in the worst case results in burn-out.

SWELL

Slide6

SWELL Workload Mirror to look back at the day:

I work in the office from 9 till 5. I perform knowledge work.

My work is demanding. I often feel so tired.

Slide7

SWELL tool: Workload Mirror to manage well-being at work

1) Working behavior is captured with sensors and the system learns to interpret this personal data.

2) Intelligible information is provided as feedback to help adjust behavior and improve well-being.

Content worked on

Mental effort/ energy

Computer activity

Posture

Facial expressions

Can collect:

Overview of:

Tasks

Stress

Self reports

Slide8

Introduction context aware SWELL system

Privacy Impact Assessment

How to apply Privacy by Design

User study:

Effects of Privacy by Design, on

Trust

Attitude towards using the system

Results

Outline

Slide9

Privacy Impact Assessment

Detect potential privacy problems before the development of a new technology

Question catalogue

Slide10

Goal of data collection

The goal of data collection should be clearly described.

The user should have a clear view on what the system does and how the data is used.

Type of data

The user must know which data is collected.

Which data is collected and processed will be kept to a minimum to enable required functionality.

The data should be stored as aggregated as possible.

The system should provide an alternative means to provide data (e.g. manual user input).

Reactions to the system

The user should be aware of his privacy settings.

User control

The user must give permission to collect data, based on a well-informed decision.

The user should be able to see his own data and delete data.

Results: Important privacy aspects (1)

Slide11

Quality of the data

The system should give correct information.

The user should be able to check and correct the data.

Security of the data

The data should be stored as locally as possible.

The data should be encrypted.

Others should not have access to your data.

Data responsibilities

A security plan should be established to prevent unauthorized access.

All involved parties should adhere to the security plan.

Data sharing

When the user voluntarily shares data, it should be shared in line with the user’s expectations.

The user must know who (if applicable) will have access to the data.

Results: Important privacy aspects (2)

Slide12

Introduction context aware SWELL system

Privacy Impact Assessment

How to apply Privacy by Design

User study:

Effects of Privacy by Design, on

Trust

Attitude towards using the system

Results

Outline

Slide13

Outlined privacy aspects can be addressed from the developers side!

Apply 8 Privacy Design Strategies

CAS follows current privacy legislation

‘Privacy Patterns’ used for implementation

Privacy by Design

Cavoukian (2012)

Hoepman (2012)

Slide14

1. Inform

Informed consent

Privacy Dashboard

2. Control

Privacy Choices

3. Minimize

Pseudonyms

Anonymization (k-anonymity)

4. Separate

Decentralisation

Horizontal/ vertical data separation

8 Privacy Design Strategies (+ patterns)

Hoepman (2012)

strategy

pattern

Slide15

5. Aggregate

Aggregate over time

Blur personal data

6. Hide

Authentication

Store data encrypted

7. Enforce & 8. Demonstrate

Sticky Policies

8 Privacy Design Strategies (+ patterns)

Hoepman (2012)
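
The Control, Minimize and Aggregate strategies listed on these two slides can be combined in one processing step. The sketch below is an added example, not code from the presentation or the SWELL project; the sensor names, value scales, never-store list and blur step are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean

# Constructed raw sensor samples: (ISO timestamp, sensor, value).
# Sensor names and value scales are assumptions, not the SWELL data format.
RAW_SAMPLES = [
    ("2015-03-02T09:05:00", "posture", 0.80),
    ("2015-03-02T09:20:00", "posture", 0.60),
    ("2015-03-02T09:40:00", "facial_expression", 0.30),
    ("2015-03-02T09:45:00", "keystrokes", 212),
    ("2015-03-02T10:10:00", "posture", 0.40),
    ("2015-03-02T10:15:00", "facial_expression", 0.70),
    ("2015-03-02T10:50:00", "facial_expression", 0.50),
]

# Sources whose raw values are never persisted, whatever the user enables
# (hypothetical policy list for this example).
NEVER_STORE = {"keystrokes", "video"}


def summarize(samples, enabled_sensors, blur_step=0.1):
    """Return {(hour, sensor): blurred mean} for user-enabled sensors only."""
    buckets = defaultdict(list)
    for ts, sensor, value in samples:
        # Control + Minimize: skip disabled sensors and never-store sources
        # before anything is buffered for storage.
        if sensor not in enabled_sensors or sensor in NEVER_STORE:
            continue
        hour = datetime.fromisoformat(ts).strftime("%Y-%m-%d %H:00")
        buckets[(hour, sensor)].append(value)

    summary = {}
    for key, values in buckets.items():
        # Aggregate over time, then blur to a coarse grid so the stored
        # number does not reveal individual readings.
        avg = mean(values)
        summary[key] = round(round(avg / blur_step) * blur_step, 2)
    return summary


if __name__ == "__main__":
    for key, value in sorted(summarize(RAW_SAMPLES, {"posture"}).items()):
        print(key, value)
```

Only the returned summary would be written to storage; the raw sample list is discarded after processing.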

Slide16

Introduction context aware SWELL system

Privacy Impact Assessment

How to apply Privacy by Design

User study:

Effects of Privacy by Design, on

Trust

Attitude towards using the system

Results

Outline

Slide17

124 participants

Presentation SWELL system

Between subject design: Privacy information (yes/no)

Questionnaire on:

Transparency

Privacy/ Trust

Attitude towards use of the SWELL system

Hypothesized model:

Effect on Users’ Attitudes

Slide18

Purpose limitation: The collected data is only used for giving yourself insights to enable self-management.

Control: You can enable or disable the computer logging, camera or Kinect sensors.

Data minimization: The tool only processes data that is necessary to provide the functionality that you desire, e.g. the tool will use document content only when you want an overview of topics worked on.

Data aggregation: The sensor data is processed locally on your device. Only summary information, like topics, average posture or facial expression, is stored – no keystrokes or video.

Adequate protection: Your data is hidden from unauthorized access.

Data subjects right: You have full control over your data, can view or delete it.

Privacy by Design

<Privacy group>

Slide19

Installing SWELL

Goal of the SWELL tool: Supporting self-management of stress.

You can enable or disable functionalities as you wish, such that the SWELL tool optimally supports you with functionality that you desire.

E.g. you can decide if you want to share (parts of) information with others.

<Privacy group>

Slide20

Installing SWELL

Goal of the SWELL tool: Supporting self-management of stress.

You can enable or disable functionalities as you wish, such that the SWELL tool optimally supports you with functionality that you desire.

E.g. you can decide if you want to share (parts of) information with others.

<Control group>

Slide21

Introduction context aware SWELL system

Privacy Impact Assessment

How to apply Privacy by Design

User study:

Effects of Privacy by Design, on

Trust

Attitude towards using the system

Results

Outline

Slide22

Privacy information had a positive effect on perceived privacy/ trust in the SWELL system

Attitude towards using the SWELL system was

not related to perceived privacy/ trust!

related to personal motivation!

Results

(* significant on the .05 level, ** significant at the 0.01 level)

Slide23

There are users that state privacy concerns; nevertheless they are going to use the system (when they have personal motivation)

‘Privacy paradox’, also found in related work

It is important to implement Privacy by Design to adequately protect the privacy of the users!

The 8 Privacy Strategies are an easy start point for developing privacy friendly CAS, use them

Conclusions

Slide24

Dey, A. K., Brown, & Abowd, G. D. (1999). Towards a better understanding of context and context-awareness. In Handheld and ubiquitous computing (pp. 304-307). Springer Berlin Heidelberg.

Van De Garde-Perik, E., Markopoulos, P., De Ruyter, B., Eggen, B., & Ijsselsteijn, W. (2008). Investigating privacy attitudes and behavior in relation to personalization. Social Science Computer Review, 26(1), 20-43.

Cavoukian, A. (2012). Operationalizing Privacy by Design: A Guide to Implementing Strong Privacy Practices. Ontario: Information and Privacy Commissioner of Ontario.

Hoepman, J. H. (2012). Privacy Design Strategies. arXiv preprint arXiv:1210.6621.

References

Slide25

Thank you for your attention!

Privacy and User Trust in Context-Aware Systems

Publications: cs.ru.nl/~skoldijk

Saskia Koldijk1,2, Gijs Koot2, Mark Neerincx1,3, Wessel Kraaij1,2